<?php

	require_once('../inc/fen_fns.php');
	require_once('../inc/class.phpmailer.php');
	
	sec_session_start();
	
	$titr = $_POST['titr'];
	$name = $_POST['name'];
	$surname = $_POST['surname'];
	$username = $_POST['username'];
	$email = $_POST['email'];
	$faculty_id = $_POST['faculty_id'];
	$department_id = $_POST['department_id'];
	$access_level = $_POST['access_level'];
	$status = $_POST['status'];
	


	
	
	$six_digit_random_number = mt_rand(100000, 999999);
	//$six_digit_random_number = "fed2023";
	
	$password = hash('sha512', $six_digit_random_number);
	// Create a random salt
	$random_salt = hash('sha512', uniqid(mt_rand(1, mt_getrandmax()), true));
	// Create salted password (Careful not to over season)
	$password = hash('sha512', $password.$random_salt);

	
	if(login_check($mysqli, '>', '100') == true) {
	
		
		$query = $_DB->Query("SELECT id from fen_members where username = '".$_SESSION['username']."'");
		$userid = $_DB->GetResultValue($query, "0", "id");
		
		$queryusernamecheck = $_DB->Query("SELECT id from fen_members where username = '".$username."'");
		$usernamecheck = $_DB->GetResultValue($queryusernamecheck, "0", "id");
		
		//if ($usernamecheck != 1) {
			
			$query = $_DB->Query("insert into fen_members values
                         (null,
						 '".$faculty_id."',
						 '".$department_id."',
						 '".$status."',
						 '".$access_level."',
						 '".$titr."',
						 '".$name."',
						 '".$surname."',
						 '".$username."',
						 '".$email."',
						 '".$password."',
						 '".$random_salt."',
						 DATE_ADD(CURRENT_TIMESTAMP, INTERVAL 3 HOUR),
						 '".$_SESSION['username']."',
						 DATE_ADD(CURRENT_TIMESTAMP, INTERVAL 3 HOUR),
						 '".$_SESSION['username']."'
						 )");
			
			$mail = new PHPMailer(true); // the true param means it will throw exceptions on errors, which we need to catch
			
			$mail->IsSMTP(); // telling the class to use SMTP
			$body = "Sayın ".$name." ".$surname.",<br><br>
			BUZEB Elektronik Bilgi Sistemi hesabınız oluşturulmuştur.<br><br>
			Kullanıcı Adınız: <b>".$username."</b><br>
			Şifreniz: <b>".$six_digit_random_number."</b><br><br>
			Sisteme hemen giriş yapmak için lütfen
			<a href=\"http://buzeb.bahcesehir.edu.tr/fen\">tıklayınız</a>.<br><br>
			BUZEB";
			
			try {
			$mail->Host       = "email-smtp.us-east-1.amazonaws.com"; // SMTP server
			$mail->SMTPAuth = true;
			$mail->SMTPSecure = "tls";
			$mail->Port     = '25';
			$mail->Timeout  = '60';
			$mail->CharSet = 'UTF-8';
			// $mail->SMTPDebug  = 2;                     // enables SMTP debug information (for testing)
			$mail->Username   = "AKIAJJ5P2CPVSTBY4YPQ"; // SMTP account username
			$mail->Password   = "Aim/pUv1c9npGYoYBwte6+Q3sfGQCMhGKADllGTakQ+C";        // SMTP account password
			$mail->AddAddress($email, name);
			$mail->From = 'buzeb@bahcesehir.edu.tr';
			$mail->SetFrom('buzeb@bahcesehir.edu.tr', 'buzeb@bahcesehir.edu.tr');
			$mail->AddReplyTo('buzeb@bahcesehir.edu.tr', 'buzeb@bahcesehir.edu.tr');
			$mail->Subject = 'BUZEB Elektronik Bilgi Sistemi Şifre Sıfırlama';
			$mail->AltBody = 'To view the message, please use an HTML compatible email viewer!'; // optional - MsgHTML will create an alternate automatically
			//$mail->MsgHTML(file_get_contents('contents.html'));
			$mail->MsgHTML($body);
			$mail->Send();
			echo "Message Sent OK</p>\n";
			} catch (phpmailerException $e) {
			echo $e->errorMessage(); //Pretty error messages from PHPMailer
			} catch (Exception $e) {
			echo $e->getMessage(); //Boring error messages from anything else!
			}
			
			
			
		//}
		header('Location: ../users.php');
	
		
	
	} else {
		header('Location: ./index.php?error=2');
	}